Shifting to Adaptive Authentication and Cloud-Based Security

There’s a significant shift in how organizations are viewing information security, according to The Global State of Information Security Survey 2017 (click to download the original publication) from PricewaterhouseCoopers (PwC).

Here’s a short summary of a few of the major trends mentioned in the document:

Opting for Cloud-Based Security

Instead of traditional on-premises systems, 62 percent of organizations are opting for cloud-based managed security services to provide:

  • Authentication
  • Identity and access management
  • Real-time monitoring and analytics
  • Threat intelligence

PwC calls out real-time monitoring and analytics as key to proactive threat intelligence – 51 percent of respondents monitor data to detect security risks and incidents.

To help you gain insight into the users and devices accessing your applications, Route443 is able to assist you on the area of Identity & Access Management, that can be used to make access policy decisions.

Advanced Authentication

Identity has been at the heart of most every breach in the past two years“. – Richard Kneeley, PwC US Managing Director, Cybersecurity and Privacy.

Phishing has emerged as a significant risk across all companies and every industry. Thirty-eight percent of those surveyed reported phishing scams. Criminals will send phishing emails to employees in order to trick them into sharing their legitimate user credentials, gaining access to company systems and data.

Passwords alone aren’t secure enough to protect against phishing attacks. PwC reports that businesses are adopting advanced authentication, or multi-factor authentication  technology such as software tokens, biometrics and smartphone tokens.

As security perimeters dissolve and identity expands from  people to connected devices, identity and access management (IAM) tools are more essential than ever to protect access and prevent incursions.

As PwC stated in their survey, “authentication must be frictionless and intuitive for end users.”

Route443 is able to assist you by implementing conditional access, contextual based where having the password is just not enough. Getting devices into the context of authentication and authorization, enables frictionless and intuitive authentication for your end users.

Adaptive Authentication

Another trend listed by PwC is the use of additional data points to identify suspicious behaviors and patterns – data such as a user’s login time and location, type of device, network, etc. to create risk-based access decisions.

“Identity has been at the heart of most every breach in the past two years,” said Richard Kneeley, PwC US Managing Director, Cybersecurity and Privacy. “Many of these breaches have involved someone gaining access by using compromised identity, then changing their identity once inside the network to ratchet up access to data and systems by taking over a privileged account and in the process gaining unlimited access to the network, to systems and to data .”

Protecting the Identity is the fundamental ground rule of our Identity Driven Security approach, Route443 is able to assess, guide and implement all required measures.
By blocking authentication attempts based on user location, network type or their device, you can reduce risks associated with anonymous networks, countries you don’t do business in, or exposure to out-of-date and risky devices.

Please stay tuned, follow our website (www.route443.eu) our blog (blog.route443.eu) to receive the latest information from us.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s